Microsoft 365 App Certification

LMS365 is a Microsoft 365 Certified App that reaches the highest level of security and compliance required by Microsoft. In this article, we will describe the Microsoft 365 App Certification and elaborate on what the certification means for LMS365 customers and partners.

 

In this article

 

The Microsoft 365 App Certification

With the Microsoft 365 App Certification, Microsoft confirms that an app solution is compliant and live up to the criteria described in the Microsoft 365 Certification Submission Guide. This means that users of Microsoft certified apps can be confident that their internal data and sensitive information is secured and protected. 

The certification is provided after a complete and yearly review across four security domains by a team of qualified certification analysts:

 

Application Security

This area especially includes a GraphAPI Permission Validation to validate that the app does not request overly permissive permissions and that all permissions are properly justified.

 

Operational Security

This domain ensures that the app’s supporting infrastructure and deployment processes are aligned with security best practices. This includes controls of Malware Protection, Vulnerability Scanning, Patch Management, Event Logging & Monitoring, Change Control, and Risk Management.

 

Data Handling Security and Privacy

This domain requires that data in transit, data in rest, data retention and disposal, and data access management happens in accordance with GDPR, Microsoft's TLS Profile configuration requirements, and Encryption Profile Configuration Requirements.

 

Optional External Compliance Frameworks

Lastly, the validity of external security compliance frameworks are checked, if these has been provided as part of the certification process. This includes ISMS/ IEC - IS0/IEC 27001 specification, PCI DSS, and SOC 2.

 

Protection of privacy and data 

LMS365 is dedicated to upholding the highest standards of organizational security and compliance.

The Microsoft 365 App Certification demonstrates that LMS365 conforms to the strict guidelines put forth by Microsoft assuring LMS365 customers and partners that data and privacy are under control and protected when integrating the LMS365 app into their Microsoft 365 platform.

 

“By earning the Microsoft 365 App Certification, Microsoft is assuring customers that LMS365 follows secure practices for data handling and app security.”

Leana Gerrad, Microsoft 365 Core PM at Microsoft

 

 

Was this article helpful?
0 out of 0 found this helpful